Wireless Mesh Networks (WMNs) have revolutionized provisioning of economical and broadband wireless internet service to the whole community of users. The self-configurable and self-healing ability of WMNs has encouraged their rapid proliferation, as adding a mesh router (MR) is as simple as plugging and turning on. The plug-and-play architecture of WMN, however paves way to malicious intruders. An attacker can raise several security concerns, like rogue routers, selfishness, and denial-of-service attacks. Unfortunately, current thrust of research in WMNs, is primarily focused on developing multi-path routing protocols; and security is very much in its infancy. Owing to the hierarchical architecture of WMNs, security issues are multi-dimensional. As mesh routers form the backbone of the network, it is critical to secure them from various attacks. In this dissertation we develop integrated security architecture to protect the mesh backbone. It is important to provide an end-to-end security for mesh clients and hence we design a novel authentication protocol for mutually authenticating mesh clients and mesh routers. The aim of this dissertation is to explore various issues that affect the performance and security of WMNs. We first examine the threat of an active attack like Denial of service attack on MRs and design a cache based throttle mechanism to control it. Next, we develop a MAC identifier based trace table to determine the precise source of a DoS attacker. We then evaluate the vulnerability of WMNs to passive attacks, like selfishness and propose an adaptive mechanism to penalize selfish MRs that discretely drop other’s packets. In order to handle route disruption attacks like malicious route discovery, we design an intelligent Intrusion Detection System. Through extensive simulations, we evaluate effectiveness of our proposed solutions in mitigating these attacks. Finally, we design a light weight authentication protocol for mesh clients using inexpensive hash operations that enables authentication of important control messages and also performs auto-refresh of authentication tokens.